1b6f86a77d9438c1441692d4ef3d3a2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b6f86a77d9438c1441692d4ef3d3a2f
Size

48KB
MD5

1b6f86a77d9438c1441692d4ef3d3a2f
SHA1

a9e173f66ed4bde7bf084932facf2c2b2ea9427c
SHA256

a2bdffd2069bcc26eb27696f70bb513feb8ed8a2f9dce28b48a58a26ce5e40be
SHA512

547ac28992dc1facd260c1c7210dabfc7f6a853d27edbdf60bc820f16e4fe5c7841e1b1c2749fd570f9a1688932ff1d2c841845c7856cf99acaa3fcb3693f169
SSDEEP

768:wy5qvGQxwTVtmoULNkE/Qi9e0dr7UArPA0LJdB4TQ5q4Wt28FwBWpmZIlM8x:n5qvGQORULNjQV0d11L8E8Fy/il1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b6f86a77d9438c1441692d4ef3d3a2f

Files

1b6f86a77d9438c1441692d4ef3d3a2f
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallHook
StartHook
StopHook
UnHook

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ